Saturday, September 29. 2007

Originally I was going to make this Serendipity (s9y) specific, and portions of this might slant that way, but the concepts and programs mentioned here are typically blog software agnostic. Any specific examples are going to center around Apache, PHP, and S9y. I am also assuming you have the ability to install extra software on your web host account.

#1: Akismet - First on the list, especially if you allow anonymous blog comments, is obtaining an Akismet API key and enabling your blog software to use it. S9y has built-in support for Akismet through the use of a recent version of the Spamblock module. Enabling Akismet typically blocks around 95%+ of the spam attempts by itself. Most blog programs have Akismet support these days.

#2: Bad Behavior - Although the documentation is a bit sparse, Bad Behavior does a good job of detecting spammers by use of heuristics. To install and use it with s9y, for now, you will want to unzip the package into a separate directory of your website and add require_once('/yoursite/bb-directory/bad-behavior-generic.php'); near the beginning of s9y's serendipity_config.inc.php file.

#3: Project Honeypot - By itself, this won't prevent comment spam, but it does an excellent job of collecting IP addresses of spambots that are looking for e-mail addresses. Every website that joins the collective helps with the cause. Once you have joined, you can also take advantage of Project Honeypot's http:BL, which will help reduce comment spam.

#4: mod_security - I recommend installing mod_security, which is an installable module for Apache, and has a nice community of rule writers behind it. You could almost think of it as a Snort module for web servers. Some of the more clever rules will protect sites from unknown and unpatched exploits due to SQL injection detection and other 'script kiddie' countermeasures.

Serendipity specific spam zombie network workaround involving comments.php:
Many years ago, around the 0.7 revision level of s9y, there was a bug in comments.php that script kiddies latched on to. Version 0.7-rc1 patched this bug, and any newer version cannot be exploited this way.

With that said, my site typically receives about ten exploit attempts per minute from IPs around the world. To help lighten the load on your web server and SQL server, your best bet is to make use of a custom .htaccess entry in your blog directory.

Assuming you are running Apache with mod_setenvif enabled, add these lines to the bottom of your .htaccess:

SetEnvIf user-agent ^$ commentexploit
Deny From env=commentexploit

If your site had been pegging the CPU from all the invalid requests before, it should handle the load much better now.
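One way to check the rule above against your access log, as an added example that is not part of the original post: it reads Apache combined-format lines and reports how many empty-User-Agent requests were denied and which IPs still had one served. The sample lines, the function name, and the choice to treat a logged agent of "-" or "" as empty are assumptions made for illustration.

```python
import re
from collections import Counter

# A double-quoted log field; Apache writes an embedded quote as \" in the log.
Q = r'(?:[^"\\]|\\.)*'

# Apache "combined" format:
# host ident user [time] "request" status bytes "referer" "user-agent"
COMBINED = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<request>' + Q + r')" '
    r'(?P<status>\d{3}) \S+ "' + Q + r'" "(?P<agent>' + Q + r')"$'
)

# Constructed sample lines (documentation IP ranges), not from a real log.
SAMPLE_LOG = r"""
192.0.2.10 - - [29/Sep/2007:10:00:01 -0500] "POST /comments.php HTTP/1.0" 200 5120 "-" "-"
192.0.2.10 - - [29/Sep/2007:10:05:12 -0500] "POST /comments.php HTTP/1.0" 403 202 "-" "-"
198.51.100.7 - - [29/Sep/2007:10:05:13 -0500] "POST /comments.php HTTP/1.0" 403 202 "-" ""
203.0.113.5 - - [29/Sep/2007:10:05:14 -0500] "GET /index.php HTTP/1.1" 200 8042 "-" "Mozilla/5.0 (X11; \"test\")"
198.51.100.7 - - [29/Sep/2007:10:06:00 -0500] "GET /comments.php HTTP/1.0" 200 310 "-" "-"
malformed line without the expected fields
"""


def empty_agent_report(lines, denied_status=403):
    """Summarise requests whose User-Agent was logged as empty ("-" or "")."""
    report = {"empty_agent": 0, "denied": 0, "served": Counter(), "unparsed": 0}
    for line in lines:
        line = line.strip()
        if not line:
            continue
        m = COMBINED.match(line)
        if m is None:
            report["unparsed"] += 1      # not combined format; review by hand
            continue
        if m["agent"] not in ("", "-"):
            continue                     # request carried a real User-Agent
        report["empty_agent"] += 1
        if int(m["status"]) == denied_status:
            report["denied"] += 1        # stopped by the Deny rule (403)
        else:
            report["served"][m["ip"]] += 1  # reached the site despite empty UA
    return report


if __name__ == "__main__":
    result = empty_agent_report(SAMPLE_LOG.splitlines())
    print(result["empty_agent"], "empty-UA requests,", result["denied"], "denied")
    for ip, count in result["served"].most_common():
        print("still served:", ip, count)
```

Any IP listed under "served" after the rule went live points to a log segment from before the change or to a directory the .htaccess file does not cover.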

With all of these countermeasures in place, about one spam comment per month sneaks through my blockade, and most of the time, it will get marked for moderation so I can delete it before anyone sees it. Overall, I am currently winning the battle against the spammers, but their tactics are always changing.

Our oldest daughter, Sabrina, turned 6 today. I will always be able to remember the day the newsletter came out due to this.

I've also lost 15 to 20 pounds since that picture was taken in February 2007. During that time, unknown to me, four wisdom teeth were becoming impacted and very infected. They were taken out last month and my whole face feels 100% better. No more 'chipmunk' look.

The reason I state this is due to the influx of spam coming from an e-mail address that is only used at Monster.com. I haven't been to the site in ages, but I was informed of the security breach earlier this year.

Whenever I need to set up an account with a company, I typically will put the name of the company as the e-mail address combined with one of the domain names I own.

A good example would be if there was a company called SuperWidgets and I set up an account with them, I would set my e-mail address for them as superwidgets@somedomainnameiown.com.

If I suddenly receive spam coming into that address, I know they have either sold my e-mail address without my permission or snuck it into a terms-of-service update without me catching it or someone has obtained the list of e-mail addresses.

If I don't want to deal with the company anymore or the spam associated with it, I will deactivate that e-mail alias on my domain. It can become a bit cumbersome to maintain but it is an excellent way to pre-whitelist or ban certain e-mail addresses without giving out your main e-mail address or domain.

I suspect my Monster e-mail alias is going to go buh-bye shortly if this spam trend continues. Keep an eye out for increased spam to your Monster.com e-mail addresses and please let me know if you notice it too.

Wednesday, September 12. 2007

I had been preparing for this for over a year but it always catches you by surprise when the day finally comes. My uncle who had been fighting lung cancer died today. If you are smoking, and are thinking of stopping, please do. If you are not thinking about stopping, at least consider it.

I suspect I'd have an awesome guy around still if he hadn't started way before "everyone knew" smoking was bad for you.

I won't get on a soapbox about it. I'm just bummed out really.

The only thing that comforts me right now is that he was able to see his 3 daughters and one son get married in the past few years.

Most of my family has been "alive" while I have been alive and in general, anyone who had passed away, I was too young to really know them. So, for about 32 years, I really haven't had to deal with many funerals. The past few years have changed that, but it is to be expected.

When I talk about family members that have died recently, people seem to react like there is a plague on our family with health issues. Overall, it is the exact opposite. I've been very fortunate to have so many family members last into their 70s, 80s and sometimes 90s. Time just catches up with you I guess.

I know it really has kicked me in the rear to get the most out of life while I am alive.

Thursday, September 6. 2007

Exciting news for anyone that has been following the Thinkpad line of laptops. Of course, you can add 4GB of RAM to a T60/T60p but due to i945 chipset limitations (mainly dealing with PCI-E MMIO space and x86 braindamage), the maximum usable RAM will only be around 3.2GB.

My work laptop is a T60 with 3GB of RAM and I dream of a day when it will be a T61p with more RAM!